Vendor VMware has released updates for several of its virtualisation solutions to close numerous security holes
......
he problems are mainly caused by flawed third-party software such as Kerberos, GCC and OpenSSL shipped with VMware products. The updates for Oracle's Java alone close several dozen holes.

__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump